pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/sysutils/xentools411 Add upstream patches for a bunch ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/d4346535787e
branches: trunk
changeset: 443607:d4346535787e
user: bouyer <bouyer%pkgsrc.org@localhost>
date: Thu Dec 17 16:48:12 2020 +0000
description:
Add upstream patches for a bunch of Xen security avisories, related
to xenstore permissions.
Bump PKGREVISION
diffstat:
sysutils/xentools411/Makefile | 4 +-
sysutils/xentools411/distinfo | 15 +-
sysutils/xentools411/patches/patch-XSA115-c | 1755 ++++++++++
sysutils/xentools411/patches/patch-XSA115-o | 694 +++
sysutils/xentools411/patches/patch-XSA322-c | 536 +++
sysutils/xentools411/patches/patch-XSA322-o | 112 +
sysutils/xentools411/patches/patch-XSA323 | 142 +
sysutils/xentools411/patches/patch-XSA324 | 50 +
sysutils/xentools411/patches/patch-XSA325 | 194 +
sysutils/xentools411/patches/patch-XSA330 | 68 +
sysutils/xentools411/patches/patch-XSA352 | 44 +
sysutils/xentools411/patches/patch-XSA353 | 91 +
sysutils/xentools411/patches/patch-tools_ocaml_xenstored_utils.ml | 12 +-
13 files changed, 3706 insertions(+), 11 deletions(-)
diffs (truncated from 3803 to 300 lines):
diff -r a78c182da675 -r d4346535787e sysutils/xentools411/Makefile
--- a/sysutils/xentools411/Makefile Thu Dec 17 16:47:30 2020 +0000
+++ b/sysutils/xentools411/Makefile Thu Dec 17 16:48:12 2020 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2020/08/31 18:11:37 wiz Exp $
+# $NetBSD: Makefile,v 1.24 2020/12/17 16:48:12 bouyer Exp $
#
# VERSION is set in version.mk as it is shared with other packages
-PKGREVISION= 1
+PKGREVISION= 2
.include "version.mk"
DIST_IPXE= ipxe-git-${VERSION_IPXE}.tar.gz
diff -r a78c182da675 -r d4346535787e sysutils/xentools411/distinfo
--- a/sysutils/xentools411/distinfo Thu Dec 17 16:47:30 2020 +0000
+++ b/sysutils/xentools411/distinfo Thu Dec 17 16:48:12 2020 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2020/08/24 10:33:27 bouyer Exp $
+$NetBSD: distinfo,v 1.15 2020/12/17 16:48:12 bouyer Exp $
SHA1 (xen411/ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz) = 272b8c904dc0127690eca2c5c20c67479e40da34
RMD160 (xen411/ipxe-git-356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d.tar.gz) = cfcb4a314c15da19b36132b27126f3bd9699d0e5
@@ -12,6 +12,16 @@
SHA1 (patch-.._ipxe_src_net_fcels.c) = eda41b25c3d5f5bef33caa9a6af28c40cb91e66b
SHA1 (patch-Config.mk) = c41005a60de2f94a72b0206030eb021c137653d3
SHA1 (patch-Makefile) = 2f3a5eafc5039b149c98dd5e59c39a3197fd9264
+SHA1 (patch-XSA115-c) = 7e3216a23c522fc73f47fa6deef8918c4dce7fae
+SHA1 (patch-XSA115-o) = 6dc292060441c388b9a05e31ddc37835568a3e86
+SHA1 (patch-XSA322-c) = c48a10eeab29775b9c97a36848556120741a9c9d
+SHA1 (patch-XSA322-o) = 943e2aee69ac278871925223478b11f6dfabc9d7
+SHA1 (patch-XSA323) = 98055b0c05ed0d0f5ebbe23d429a68a71d92f20f
+SHA1 (patch-XSA324) = a1cdb872a79fd7d9234030ec2765d0a474f72fbb
+SHA1 (patch-XSA325) = 59c7fba006588db4accee1068072612777620ac3
+SHA1 (patch-XSA330) = 03b4f1d9c14e11eaee5b863276d32cee0544e604
+SHA1 (patch-XSA352) = 7c4479c029d9bbbf6578ee148cb926bb2d849789
+SHA1 (patch-XSA353) = 6983aa18399dcf0ac1471ffdf7c27c1bc041f49c
SHA1 (patch-always_inline) = 23201b2b63072e040630525416a0b61280492f93
SHA1 (patch-docs_man_xl-disk-configuration.pod.5) = 03ff4c22dde1e1b60ab8750c8971ea057e479151
SHA1 (patch-docs_man_xl.cfg.pod.5.in) = 951915037a9975b76cc5c41a0e1abe0a202a3696
@@ -56,7 +66,7 @@
SHA1 (patch-tools_ocaml_libs_xentoollog_xentoollog__stubs.c) = adee03d87168e735cb0d42ce06d0c31a14315b8d
SHA1 (patch-tools_ocaml_libs_xl__xenlight_stubs.c) = cc612908524670f650a294af133a5912f955f39e
SHA1 (patch-tools_ocaml_xenstored_Makefile) = b267702cf4090c7b45bba530e60327fced24e3e5
-SHA1 (patch-tools_ocaml_xenstored_utils.ml) = fd951de732d6c31cae89bd4b58c5650108578d79
+SHA1 (patch-tools_ocaml_xenstored_utils.ml) = 96b69dd3b5adb10692d7646c1dbeb20d27e0e1a8
SHA1 (patch-tools_qemu-xen-traditional_Makefile) = 5fbb55bf84f9856043be301d5d06530190fe9a60
SHA1 (patch-tools_qemu-xen-traditional_block-raw-posix.c) = eb3efea4b0c7fd744f627f1926fca737ba826b99
SHA1 (patch-tools_qemu-xen-traditional_configure) = 6a42dcac010f90439a347c0f6e886b07185cb19a
@@ -81,5 +91,4 @@
SHA1 (patch-tools_xentrace_xentrace.c) = f964c7555f454358a39f28a2e75db8ee100a4243
SHA1 (patch-tools_xl_Makefile) = dd4fa8cc66c74eea8b022cd6129aa2831776f2a8
SHA1 (patch-xen_Rules.mk) = c743dc63f51fc280d529a7d9e08650292c171dac
-SHA1 (patch-xen_common_lz4_dexompress.c) = 521a247c2d36980b3433c4be92c77308a2d3f3b9
SHA1 (patch-xen_tools_symbols.c) = 67b5a38312095029631e00457abc0e4bb633aaf8
diff -r a78c182da675 -r d4346535787e sysutils/xentools411/patches/patch-XSA115-c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/xentools411/patches/patch-XSA115-c Thu Dec 17 16:48:12 2020 +0000
@@ -0,0 +1,1755 @@
+$NetBSD: patch-XSA115-c,v 1.1 2020/12/17 16:48:12 bouyer Exp $
+
+From e92f3dfeaae21a335e666c9247954424e34e5c56 Mon Sep 17 00:00:00 2001
+From: Juergen Gross <jgross%suse.com@localhost>
+Date: Thu, 11 Jun 2020 16:12:37 +0200
+Subject: [PATCH 01/10] tools/xenstore: allow removing child of a node
+ exceeding quota
+
+An unprivileged user of Xenstore is not allowed to write nodes with a
+size exceeding a global quota, while privileged users like dom0 are
+allowed to write such nodes. The size of a node is the needed space
+to store all node specific data, this includes the names of all
+children of the node.
+
+When deleting a node its parent has to be modified by removing the
+name of the to be deleted child from it.
+
+This results in the strange situation that an unprivileged owner of a
+node might not succeed in deleting that node in case its parent is
+exceeding the quota of that unprivileged user (it might have been
+written by dom0), as the user is not allowed to write the updated
+parent node.
+
+Fix that by not checking the quota when writing a node for the
+purpose of removing a child's name only.
+
+The same applies to transaction handling: a node being read during a
+transaction is written to the transaction specific area and it should
+not be tested for exceeding the quota, as it might not be owned by
+the reader and presumably the original write would have failed if the
+node is owned by the reader.
+
+This is part of XSA-115.
+
+Signed-off-by: Juergen Gross <jgross%suse.com@localhost>
+Reviewed-by: Julien Grall <jgrall%amazon.com@localhost>
+Reviewed-by: Paul Durrant <paul%xen.org@localhost>
+---
+ tools/xenstore/xenstored_core.c | 20 +++++++++++---------
+ tools/xenstore/xenstored_core.h | 3 ++-
+ tools/xenstore/xenstored_transaction.c | 2 +-
+ 3 files changed, 14 insertions(+), 11 deletions(-)
+
+diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
+index 97ceabf9642d..b43e1018babd 100644
+--- tools/xenstore/xenstored_core.c.orig
++++ tools/xenstore/xenstored_core.c
+@@ -417,7 +417,8 @@ static struct node *read_node(struct connection *conn, const void *ctx,
+ return node;
+ }
+
+-int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
++int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node,
++ bool no_quota_check)
+ {
+ TDB_DATA data;
+ void *p;
+@@ -427,7 +428,7 @@ int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
+ + node->num_perms*sizeof(node->perms[0])
+ + node->datalen + node->childlen;
+
+- if (domain_is_unprivileged(conn) &&
++ if (!no_quota_check && domain_is_unprivileged(conn) &&
+ data.dsize >= quota_max_entry_size) {
+ errno = ENOSPC;
+ return errno;
+@@ -455,14 +456,15 @@ int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node)
+ return 0;
+ }
+
+-static int write_node(struct connection *conn, struct node *node)
++static int write_node(struct connection *conn, struct node *node,
++ bool no_quota_check)
+ {
+ TDB_DATA key;
+
+ if (access_node(conn, node, NODE_ACCESS_WRITE, &key))
+ return errno;
+
+- return write_node_raw(conn, &key, node);
++ return write_node_raw(conn, &key, node, no_quota_check);
+ }
+
+ static enum xs_perm_type perm_for_conn(struct connection *conn,
+@@ -999,7 +1001,7 @@ static struct node *create_node(struct connection *conn, const void *ctx,
+ /* We write out the nodes down, setting destructor in case
+ * something goes wrong. */
+ for (i = node; i; i = i->parent) {
+- if (write_node(conn, i)) {
++ if (write_node(conn, i, false)) {
+ domain_entry_dec(conn, i);
+ return NULL;
+ }
+@@ -1039,7 +1041,7 @@ static int do_write(struct connection *conn, struct buffered_data *in)
+ } else {
+ node->data = in->buffer + offset;
+ node->datalen = datalen;
+- if (write_node(conn, node))
++ if (write_node(conn, node, false))
+ return errno;
+ }
+
+@@ -1115,7 +1117,7 @@ static int remove_child_entry(struct connection *conn, struct node *node,
+ size_t childlen = strlen(node->children + offset);
+ memdel(node->children, offset, childlen + 1, node->childlen);
+ node->childlen -= childlen + 1;
+- return write_node(conn, node);
++ return write_node(conn, node, true);
+ }
+
+
+@@ -1254,7 +1256,7 @@ static int do_set_perms(struct connection *conn, struct buffered_data *in)
+ node->num_perms = num;
+ domain_entry_inc(conn, node);
+
+- if (write_node(conn, node))
++ if (write_node(conn, node, false))
+ return errno;
+
+ fire_watches(conn, in, name, false);
+@@ -1514,7 +1516,7 @@ static void manual_node(const char *name, const char *child)
+ if (child)
+ node->childlen = strlen(child) + 1;
+
+- if (write_node(NULL, node))
++ if (write_node(NULL, node, false))
+ barf_perror("Could not create initial node %s", name);
+ talloc_free(node);
+ }
+diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
+index 56a279cfbb47..3cb1c235a101 100644
+--- tools/xenstore/xenstored_core.h.orig
++++ tools/xenstore/xenstored_core.h
+@@ -149,7 +149,8 @@ void send_ack(struct connection *conn, enum xsd_sockmsg_type type);
+ char *canonicalize(struct connection *conn, const void *ctx, const char *node);
+
+ /* Write a node to the tdb data base. */
+-int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node);
++int write_node_raw(struct connection *conn, TDB_DATA *key, struct node *node,
++ bool no_quota_check);
+
+ /* Get this node, checking we have permissions. */
+ struct node *get_node(struct connection *conn,
+diff --git a/tools/xenstore/xenstored_transaction.c b/tools/xenstore/xenstored_transaction.c
+index 2824f7b359b8..e87897573469 100644
+--- tools/xenstore/xenstored_transaction.c.orig
++++ tools/xenstore/xenstored_transaction.c
+@@ -276,7 +276,7 @@ int access_node(struct connection *conn, struct node *node,
+ i->check_gen = true;
+ if (node->generation != NO_GENERATION) {
+ set_tdb_key(trans_name, &local_key);
+- ret = write_node_raw(conn, &local_key, node);
++ ret = write_node_raw(conn, &local_key, node, true);
+ if (ret)
+ goto err;
+ i->ta_node = true;
+--
+2.17.1
+
+From e8076f73de65c4816f69d6ebf75839c706145fcd Mon Sep 17 00:00:00 2001
+From: Juergen Gross <jgross%suse.com@localhost>
+Date: Thu, 11 Jun 2020 16:12:38 +0200
+Subject: [PATCH 02/10] tools/xenstore: ignore transaction id for [un]watch
+
+Instead of ignoring the transaction id for XS_WATCH and XS_UNWATCH
+commands as it is documented in docs/misc/xenstore.txt, it is tested
+for validity today.
+
+Really ignore the transaction id for XS_WATCH and XS_UNWATCH.
+
+This is part of XSA-115.
+
+Signed-off-by: Juergen Gross <jgross%suse.com@localhost>
+Reviewed-by: Julien Grall <jgrall%amazon.com@localhost>
+Reviewed-by: Paul Durrant <paul%xen.org@localhost>
+---
+ tools/xenstore/xenstored_core.c | 26 ++++++++++++++++----------
+ 1 file changed, 16 insertions(+), 10 deletions(-)
+
+diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
+index b43e1018babd..bb2f9fd4e76e 100644
+--- tools/xenstore/xenstored_core.c.orig
++++ tools/xenstore/xenstored_core.c
+@@ -1268,13 +1268,17 @@ static int do_set_perms(struct connection *conn, struct buffered_data *in)
+ static struct {
+ const char *str;
+ int (*func)(struct connection *conn, struct buffered_data *in);
++ unsigned int flags;
++#define XS_FLAG_NOTID (1U << 0) /* Ignore transaction id. */
+ } const wire_funcs[XS_TYPE_COUNT] = {
+ [XS_CONTROL] = { "CONTROL", do_control },
+ [XS_DIRECTORY] = { "DIRECTORY", send_directory },
+ [XS_READ] = { "READ", do_read },
+ [XS_GET_PERMS] = { "GET_PERMS", do_get_perms },
+- [XS_WATCH] = { "WATCH", do_watch },
+- [XS_UNWATCH] = { "UNWATCH", do_unwatch },
++ [XS_WATCH] =
++ { "WATCH", do_watch, XS_FLAG_NOTID },
++ [XS_UNWATCH] =
++ { "UNWATCH", do_unwatch, XS_FLAG_NOTID },
+ [XS_TRANSACTION_START] = { "TRANSACTION_START", do_transaction_start },
+ [XS_TRANSACTION_END] = { "TRANSACTION_END", do_transaction_end },
+ [XS_INTRODUCE] = { "INTRODUCE", do_introduce },
+@@ -1296,7 +1300,7 @@ static struct {
+
+ static const char *sockmsg_string(enum xsd_sockmsg_type type)
+ {
+- if ((unsigned)type < XS_TYPE_COUNT && wire_funcs[type].str)
++ if ((unsigned int)type < ARRAY_SIZE(wire_funcs) && wire_funcs[type].str)
+ return wire_funcs[type].str;
+
+ return "**UNKNOWN**";
+@@ -1311,7 +1315,14 @@ static void process_message(struct connection *conn, struct buffered_data *in)
+ enum xsd_sockmsg_type type = in->hdr.msg.type;
+ int ret;
+
+- trans = transaction_lookup(conn, in->hdr.msg.tx_id);
++ if ((unsigned int)type >= XS_TYPE_COUNT || !wire_funcs[type].func) {
++ eprintf("Client unknown operation %i", type);
++ send_error(conn, ENOSYS);
++ return;
++ }
++
++ trans = (wire_funcs[type].flags & XS_FLAG_NOTID)
++ ? NULL : transaction_lookup(conn, in->hdr.msg.tx_id);
+ if (IS_ERR(trans)) {
+ send_error(conn, -PTR_ERR(trans));
+ return;
+@@ -1320,12 +1331,7 @@ static void process_message(struct connection *conn, struct buffered_data *in)
+ assert(conn->transaction == NULL);
+ conn->transaction = trans;
+
+- if ((unsigned)type < XS_TYPE_COUNT && wire_funcs[type].func)
+- ret = wire_funcs[type].func(conn, in);
+- else {
+- eprintf("Client unknown operation %i", type);
+- ret = ENOSYS;
+- }
++ ret = wire_funcs[type].func(conn, in);
+ if (ret)
+ send_error(conn, ret);
+
Home |
Main Index |
Thread Index |
Old Index